Skip to Main Content

Meetings Stub Page [mx-stub]

NIST Cyber Security Professional (NCSP) Practitioner

Course Outline:
 

1 - DIGITAL TRANSFORMATION
  • Explores what the Practitioner needs to know about the relationship between digital transformation and cybersecurity
  • Explain how to determine the impact of cybersecurity on DX.
  • Explain the relationships between culture and digital transformation from the perspective of a practitioner.
  • Explain the delivery of value to stakeholders in a DX & cybersecurity environment.
  • Illustrate the interdependent relationship between cybersecurity and DX.
2 - THREAT LANDSCAPE
  • The Practitioner needs to understand what threat actors do and their capabilities.
  • Compare the evolving attack type impact to the threat environment.
  • Apply knowledge about the threat landscape to maintain a readiness to respond.
  • Develop a risk profile based on business impact analysis
  • Establish the relationship between awareness and training in the continual improvement of cybersecurity posture.
  • Develop and treat training & awareness as a critical aspect of deterrence
  • Use knowledge about the threat landscape as a predicate to the adoption and adaptation of your cybersecurity posture.
3 - THE CONTROLS
  • This chapter provides a sample set of controls based on an informative reference.
  • Understand the purpose goals & objectives for each control.
  • Characterize & explain the informative reference controls
  • Discover how to apply the controls in an organizational context.
4 - ADOPT & ADAPT
  • Adopt is a decision about governance; adapt is the set of management decisions that result from the decision to adopt.
  • Distinguish Adopt, Adapt, Management & Governance.
  • Develop an approach to adoption & adaptation.
  • Distinguish & demonstrate the impact of organizational culture on developing cybersecurity as a capability.
  • Develop an assessment approach to define current state.
5 - ADAPTIVE WAY OF WORKING
  • Threat actors are agile and highly adaptive. The cybersecurity Practitioner must develop the same capabilities
  • Break down what constitutes an adaptive approach.
  • Characterize & apply the need for crossfunctional teams.
  • Recognize and prioritize the first steps (get started).
  • Demonstrate & establish cybersecurity phases.
  • Break down the impact of the flows.
6 - RAPID ADOPTION & RAPID ADAPTATION FASTTRACK
  • FastTrack™ is an approach to allow organizations to learn to adapt to an evolving threat landscape rapidly.
  • Approach: Establish what it takes to adopt CS.
  • Determine how that impacts management adaptation of CS.
  • Determine how that impacts the capability to assess.
  • CS Capability: Determine the gap between existing & needed capabilities.
  • Establish what must be developed.
  • Develop appropriate risk management profile.
  • Discover how cybersecurity impacts people, practice & technology impacts organization.
  • Differentiate CIS Implementation groups.
  • Determine appropriate implementation group & approach.
  • Develop appropriate phase approaches.
7 - CIIS PRACTICE
  • Cybersecurity is an ongoing game of cat and mouse. Organizations must learn how to inculcate cybersecurity improvement into their DNA.
  • Break down & develop mechanisms for ongoing cybersecurity improvement that includes developing a learning organization.
  • Illustrate an improvement plan based on the NIST 7-Step Approach.
  • Illustrate an improvement plan based on the Improvement GPS
  • Demonstrate understanding of Cybersecurity Maturity Model Certification
  • Break down the balancing loop & how it fits into the escalation archetype
  • Use the Fast Track™ (improvement & implementation) cycles.
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Become a Member

Complete the application for Institution Membership to start using NERCOMP member benefits now!

Get Started

You are using an unsupported version of Internet Explorer. To ensure security, performance, and full functionality, please upgrade to an up-to-date browser.